CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/05/08 16:58:35
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
improve error message when 'ssh-keygen -Y sign' is unable to load a
private key; bz3429, reported by Adam Szkoda ok dtucker@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/05/08 16:32:36
Modified files:
usr.bin/ssh: sftp.c
Log message:
When performing operations that glob(3) a remote path, ensure that the
implicit working directory used to construct that path escapes
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/05/04 19:04:14
Modified files:
usr.bin/ssh: sshkey.c
Log message:
sshkey_unshield_private() contains a exact duplicate of the code in
private2_check_padding(). Pull private2_check_padding() up so th
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/05/04 18:56:58
Modified files:
usr.bin/ssh: channels.c channels.h
Log message:
channel_new no longer frees remote_name. So update the comment
accordingly. As remote_name is not modified, it can be
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/05/04 18:55:11
Modified files:
usr.bin/ssh: mux.c
Log message:
mux.c: mark argument as const; from Martin Vahlensieck
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/05/01 17:20:30
Modified files:
usr.bin/ssh: moduli.c
Log message:
fix some integer overflows in sieve_large() that show up when trying
to generate modp groups > 16k bits. Reported via GHPR#306 by
Be
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/04/28 22:55:08
Modified files:
usr.bin/ssh: addr.c
Log message:
be stricter in which characters will be accepted in specifying a mask
length; allow only 0-9. From khaleesicodes via GHPR#278; ok dtuc
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/04/28 21:24:30
Modified files:
usr.bin/ssh: ssh-pkcs11-helper.8 ssh-sk-helper.8
Log message:
mention that the helpers are used by ssh(1), ssh-agent(1) and
ssh-keygen(1). Previously only ssh(1) was m
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/04/28 21:13:32
Modified files:
usr.bin/ssh: ssh-agent.c
Log message:
fix memleak on session-bind path; from Pedro Martelletto, ok dtucker@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/04/27 20:53:32
Modified files:
usr.bin/ssh: krl.c
Log message:
avoid printing hash algorithm twice; from lucas AT sexy.is
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/04/19 22:19:11
Modified files:
usr.bin/ssh: channels.c clientloop.c serverloop.c
Log message:
Try to continue running local I/O for channels in state OPEN during
SSH transport rekeying. The most vis
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/04/11 16:52:08
Modified files:
usr.bin/ssh: channels.c
Log message:
clear io_want/io_ready flags at start of poll() cycle;
avoids plausible spin during rekeying if channel io_want flags are
reused a
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/04/07 22:40:40
Modified files:
usr.bin/ssh: sshbuf.c
Log message:
two defensive changes from Tobias Stoeckmann via GHPR287
enforce stricter invarient for sshbuf_set_parent() - never allow
a buffer
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2022/04/07 22:23:55
Modified files:
openssh: report.html
Log message:
update bugzilla link
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2022/04/07 19:48:40
Modified files:
openssh: ftp.html index.html openbsd.html
releasenotes.html
openssh/txt: release-9.0
Log message:
OpenSSH 9.0
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2022/04/07 19:48:24
Modified files:
build : Makefile
build/mirrors : openssh-ftp.html.head
Log message:
OpenSSH 9.0
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2022/04/07 19:47:57
Added files:
openssh/txt: release-9.0
Log message:
OpenSSH 9.0 release notes
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/04/04 16:45:25
Modified files:
usr.bin/ssh: version.h
Log message:
openssh-9.0
On Wed, 30 Mar 2022, Damien Miller wrote:
> CVSROOT: /cvs
> Module name: src
> Changes by: d...@cvs.openbsd.org2022/03/30 21:05:49
>
> Modified files:
> usr.bin/ssh: PROTOCOL sftp-server.c
> usr.bin/ssh/sftp-server: Makefile
>
> Log
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/03/30 21:07:33
Modified files:
regress/usr.bin/ssh: sftp-cmds.sh
Log message:
regression test for sftp cp command
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/03/30 21:07:03
Modified files:
usr.bin/ssh: sftp-client.c sftp-client.h sftp.1 sftp.c
Log message:
add a sftp client "cp" command that supports server-side copying
of files. Useful for this task and
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/03/30 21:05:49
Modified files:
usr.bin/ssh: PROTOCOL sftp-server.c
usr.bin/ssh/sftp-server: Makefile
Log message:
add support for the "corp-data" protocol extension to allow
server-side cop
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/03/30 15:13:23
Modified files:
usr.bin/ssh: myproposal.h
Log message:
select post-quantum KEX sntrup761x25519-sha...@openssh.com as the
default; ok markus@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/03/30 15:10:25
Modified files:
usr.bin/ssh: channels.c channels.h
Log message:
fix poll() spin when a channel's output fd closes without data in the
channel buffer. Introduce more exact packing of c
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/03/29 22:33:09
Modified files:
usr.bin/ssh: ssh.c
Log message:
ssh is almost out of getopt() characters; note the remaining
remaining available ones in a comment
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/03/29 22:27:51
Modified files:
usr.bin/ssh: sshsig.c
Log message:
avoid NULL deref via ssh-keygen -Y find-principals. bz3409, reported
by Mateusz Adamowski
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/03/20 02:52:17
Modified files:
usr.bin/ssh: scp.c
Log message:
don't leak argument list; bz3404, reported by Balu Gajjala
ok dtucker@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/03/20 02:51:21
Modified files:
usr.bin/ssh: misc.c
Log message:
make addargs() and replacearg() a little more robust and improve error
reporting
make freeargs(NULL) a noop like the other free funct
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/03/17 22:04:11
Modified files:
usr.bin/ssh: servconf.c servconf.h sshd.c
Log message:
don't try to resolve ListenAddress directives in the sshd re-exec
path - we're never going to use the result and
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/03/17 20:50:22
Modified files:
usr.bin/ssh: sftp.c
Log message:
remove blank line
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/03/17 20:32:22
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
helpful comment
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/03/17 20:31:25
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
ssh-keygen -Y check-novalidate requires namespace or SEGV will ensue.
Patch from Mateusz Adamowski via GHPR#307
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/03/14 23:27:37
Modified files:
usr.bin/ssh: channels.c
Log message:
improve DEBUG_CHANNEL_POLL debugging message
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/28 18:59:19
Modified files:
usr.bin/ssh: sshd.c
Log message:
pack pollfd array before server_accept_loop() ppoll() call,
and terminate sshd if ppoll() returns errno==EINVAL
avoids spin in ppoll
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/24 19:09:27
Modified files:
usr.bin/ssh: monitor.c
Log message:
save an unneccessary alloc/free, based on patch from
Martin Vahlensieck; ok dtucker@
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2022/02/23 20:38:17
Modified files:
openssh: releasenotes.html
openssh/txt: release-8.9
Log message:
missing word; spotted by Alexander H
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/23 14:21:50
Modified files:
usr.bin/ssh: auth-rhosts.c
Log message:
free(3) wants stdlib.h
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/23 14:21:16
Modified files:
usr.bin/ssh: scp.1
Log message:
put back the scp manpage changes for SFTP mode too
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2022/02/23 04:59:18
Modified files:
build : Makefile
build/mirrors : openssh-ftp.html.head
openssh: ftp.html index.html openbsd.html
releasenotes.h
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2022/02/23 04:55:29
Added files:
openssh/txt: release-8.9
Log message:
openssh 8.9 release notes
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/23 04:18:13
Modified files:
usr.bin/ssh: auth2.c
Log message:
avoid integer overflow of auth attempts (harmless, caught by monitor)
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/23 04:17:10
Modified files:
usr.bin/ssh: auth.c
Log message:
randomise the password used in fakepw
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/23 04:15:57
Modified files:
usr.bin/ssh: auth-rhosts.c
Log message:
use asprintf to construct .rhosts paths
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/23 04:07:09
Modified files:
usr.bin/ssh: version.h
Log message:
openssh-8.9
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/17 03:58:27
Modified files:
usr.bin/ssh: channels.c
Log message:
check for EINTR/EAGAIN failures in the rfd fast-path;
caught by dtucker's minix3 vm :) ok dtucker@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/14 22:13:36
Modified files:
usr.bin/ssh: ssh_config.5
Log message:
document the unbound/host-bound options to PubkeyAuthentication;
spotted by HARUYAMA Seigo
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/09 21:12:39
Modified files:
usr.bin/ssh: scp.1 scp.c
Log message:
revert for imminent OpenSSH release, which wil ship with scp in RCP mode.
> revision 1.106
> date: 2021/10/15 14:46:46; author:
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/06 18:25:12
Modified files:
usr.bin/ssh: sk-usbhid.c
Log message:
use libfido2 1.8.0+ fido_assert_set_clientdata() instead of manually
hashing data outselves. Saves a fair bit of code and makes l
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/01 16:37:15
Modified files:
regress/usr.bin/ssh: sshsig.sh
Log message:
test 'ssh-keygen -Y find-principals' with wildcard principals;
from Fabian Stelzer
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/01 16:34:47
Modified files:
usr.bin/ssh: sshsig.c
Log message:
allow 'ssh-keygen -Y find-principals' to match wildcard principals
in allowed_signers files; from Fabian Stelzer
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/01 16:32:51
Modified files:
usr.bin/ssh: sshconnect2.c ssh-keygen.c sftp-server.c
nchan.c kex.c dns.c auth-rhosts.c
Log message:
mark const string array contents const t
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/02/01 16:11:11
Modified files:
usr.bin/ssh: scp.c
Log message:
better match legacy scp behaviour: show un-expanded paths in error
messages. Spotted by and ok tb@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/21 17:49:34
Modified files:
usr.bin/ssh: channels.h clientloop.c packet.c packet.h
serverloop.c
Log message:
add a ssh_packet_process_read() function that reads from a f
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/21 17:45:32
Modified files:
usr.bin/ssh: channels.c
Log message:
Use sshbuf_read() to read directly into the channel input buffer
rather than into a stack buffer that needs to be copied again;
Im
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/21 17:43:43
Modified files:
usr.bin/ssh: sshbuf-misc.c sshbuf.h
Log message:
Add a sshbuf_read() that attempts to read(2) directly in to a
sshbuf; ok markus@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/21 00:04:19
Modified files:
usr.bin/ssh: clientloop.c
Log message:
add a helper for writing an error message to the stderr_buf and setting
quit_pending; no functional change but saves a bunch of
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/20 23:58:06
Modified files:
usr.bin/ssh: packet.c
Log message:
correct comment and use local variable instead of long indirection;
spotted by dtucker@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/17 15:56:04
Modified files:
usr.bin/ssh: packet.c
Log message:
when decompressing zlib compressed packets, use Z_SYNC_FLUSH instead
of Z_PARTIAL_FLUSH as the latter is not actually specified as a
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/17 14:41:04
Modified files:
usr.bin/ssh: sftp-client.c
Log message:
make most of the sftp errors more idiomatic, following the general form
of "[local/remote] operation path: error message"; ok m
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/17 14:39:51
Modified files:
usr.bin/ssh: scp.c
Log message:
when transferring multiple files in SFTP mode, create the destination
directory if it doesn't already exist to match olde-scp(1) behavi
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/13 20:43:48
Modified files:
usr.bin/ssh: ssh-add.c ssh-agent.c
Log message:
allow pin-required FIDO keys to be added to ssh-agent(1).
ssh-askpass will be used to request the PIN at authentication
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/13 20:35:10
Modified files:
usr.bin/ssh: ssh-sk.c
Log message:
ssh-sk: free a resident key's user id
>From Pedro Martelletto; ok dtucker & me
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/13 20:34:01
Modified files:
usr.bin/ssh: ssh-sk-client.c
Log message:
sshsk_load_resident: don't preallocate resp
resp is allocated by client_converse(), at which point we lose
the original poin
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/13 20:32:52
Modified files:
usr.bin/ssh: ssh-sk-client.c
Log message:
sshsk_sign: trim call to sshkey_fingerprint()
the resulting fingerprint doesn't appear to be used for anything,
and we end u
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/13 20:31:52
Modified files:
usr.bin/ssh: sftp-server.c
Log message:
use status error message to communicate ~user expansion failures;
provides better experience for scp in sftp mode, where ~user
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/11 15:33:16
Modified files:
regress/usr.bin/ssh/unittests/sshsig: webauthn.html
Log message:
remove hardcoded domain and use window.location.host, so this can
be run anywhere
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/10 18:26:47
Modified files:
usr.bin/ssh: clientloop.c mux.c
Log message:
suppress "Connection to xxx closed" messages at LogLevel >= error
bz3378; ok dtucker@
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2022/01/09 20:06:23
Modified files:
openssh: agent-restrict.html
Log message:
correct date marker; it's 2022 already. From Yifei Zhan
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2022/01/09 17:39:49
Modified files:
openssh: agent-restrict.html
Log message:
really remove missing markup; spotted by tj
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2022/01/08 00:43:58
Modified files:
openssh: agent-restrict.html
Log message:
don't mention missing markus
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/08 00:37:32
Modified files:
usr.bin/ssh: sftp-client.c
Log message:
use status error message to communicate ~user expansion failures;
provides better experience for scp in sftp mode, where ~user
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/08 00:36:11
Modified files:
usr.bin/ssh: scp.c
Log message:
fix some corner-case bugs in scp sftp-mode handling of ~-prefixed
paths; spotted by jsg; feedback jsg & deraadt, ok jsg & markus
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/08 00:34:57
Modified files:
usr.bin/ssh: sftp-client.c
Log message:
more idiomatic error messages; spotted by jsg & deraadt
ok jsg & markus
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/08 00:33:54
Modified files:
usr.bin/ssh: sftp-server.c
Log message:
add a variant of send_status() that allows overriding the default,
generic error message. feedback/ok markus & jsg
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/08 00:32:45
Modified files:
usr.bin/ssh: misc.c
Log message:
refactor tilde_expand_filename() and make it handle ~user paths with no
trailing slash; feedback/ok markus and jsg
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2022/01/06 20:07:49
Modified files:
openssh: agent-restrict.html
Log message:
typos; from Ãngel
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2022/01/06 19:58:01
Modified files:
openssh: agent-restrict.html
Log message:
clarify
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2022/01/06 19:33:42
Modified files:
openssh: agent-restrict.html
Log message:
mention proxyjump
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/06 15:06:51
Modified files:
usr.bin/ssh: sshconnect2.c
Log message:
allow hostbased auth to select RSA keys when only RSA/SHA2 are
configured (this is the default case); ok markus@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/06 15:05:42
Modified files:
usr.bin/ssh: sshkey.c sshkey.h
Log message:
add a helper function to match a key type to a list of signature
algorithms. RSA keys can make signatures with multiple alg
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/06 15:04:20
Modified files:
usr.bin/ssh: ssh.c
Log message:
log some details on hostkeys that ssh loads for hostbased authn
ok markus@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/06 15:03:59
Modified files:
usr.bin/ssh: monitor.c
Log message:
log signature algorithm during verification by monitor; ok markus
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/06 15:02:52
Modified files:
usr.bin/ssh: hostfile.c
Log message:
piece of UpdateHostkeys client strictification: when updating known_hosts
with new keys, ignore NULL keys (forgot to include in pr
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/06 15:01:14
Modified files:
usr.bin/ssh: auth2-hostbased.c
Log message:
include rejected signature algorithm in error message and not the
(useless) key type; ok markus
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/06 15:00:18
Modified files:
usr.bin/ssh: ssh-keysign.c
Log message:
make ssh-keysign use the requested signature algorithm and not the
default for the keytype. Part of unbreaking hostbased auth f
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/06 14:57:28
Modified files:
usr.bin/ssh: clientloop.c
Log message:
stricter UpdateHostkey signature verification logic on the client-
side. Require RSA/SHA2 signatures for RSA hostkeys except whe
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/06 14:55:23
Modified files:
usr.bin/ssh: kex.c kex.h serverloop.c
Log message:
Fix signature algorithm selection logic for UpdateHostkeys on the
server side. The previous code tried to prefer RSA
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/06 14:48:38
Modified files:
usr.bin/ssh: channels.c channels.h clientloop.c serverloop.c
Log message:
convert ssh, sshd mainloops from select() to poll();
feedback & ok deraadt@ and markus@
has b
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/06 14:46:23
Modified files:
usr.bin/ssh: channels.c channels.h
Log message:
prepare for conversion of ssh, sshd mainloop from select() to poll()
by moving FD_SET construction out of channel handl
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/05 14:54:37
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
add a comment so I don't make this mistake again
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/05 14:50:00
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
fix cut-and-pasto in error message
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/05 01:25:05
Modified files:
regress/usr.bin/ssh: hostkey-rotate.sh
Log message:
select all RSA hostkey algorithms for UpdateHostkeys tests, not just
RSA-SHA1
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/04 21:56:15
Modified files:
regress/usr.bin/ssh: sshsig.sh
Log message:
regress test both sshsig message hash algorithms, possible now because
the algorithm is controllable via the CLI
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/04 21:50:11
Modified files:
usr.bin/ssh: ssh-keygen.1 ssh-keygen.c
Log message:
allow selection of hash at sshsig signing time; code already supported
either sha512 (default) or sha256, but plumb
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/04 21:27:54
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
add missing -O option to usage() for ssh-keygen -Y sign;
from Linus Nordberg
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/04 21:27:01
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
move sig_process_opts() to before sig_sign(); no functional code change
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/04 21:10:39
Modified files:
regress/usr.bin/ssh: sshsig.sh
Log message:
regression test for find-principals NULL deref; from Fabian Stelzer
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/04 21:02:42
Modified files:
usr.bin/ssh: sshsig.c
Log message:
NULL deref when using find-principals when matching an allowed_signers
line that contains a namespace restriction, but no restrictio
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/04 00:20:33
Modified files:
regress/usr.bin/ssh: agent-restrict.sh
Log message:
unbreak test: was picking up system ssh-add instead of the one supposedly
being tested. Spotted by dtucker and using hi
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/31 21:18:06
Modified files:
usr.bin/ssh: ssh-agent.c
Log message:
fix memleak in process_extension(); oss-fuzz issue #42719
401 - 500 of 1566 matches
Mail list logo